Commit cd267272 authored by David Goulet

Add Data Retention section to chat.html

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
parent 3937cdc6
......@@ -58,7 +58,7 @@
<p>OTR.im offers a free and secure <a href="https://en.wikipedia.org/wiki/XMPP" target="_blank">Jabber</a> service that anyone can use by registering an account through your favorite chat client.</p>
<h4><p class="indent">&#x279b; jabber.otr.im</p></h4>
<p>Also possible to connect through our <a href="https://www.torproject.org/docs/hidden-services.html.en" target="_blank">Tor hidden service</a>:</p>
<p>It is also possible to connect through our <a href="https://www.torproject.org/docs/hidden-services.html.en" target="_blank">Tor hidden service</a>:</p>
<h4><p class="indent">&#x279b; 5rgdtlawqkcplz75.onion</p></h4>
<p>In order to configure a <a href="https://help.riseup.net/en/chat/clients" target="_blank">Jabber client</a>, you need this information:</p>
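Review bot: The anchor on the reworded "It is also possible to connect" line uses target="_blank" with no rel attribute; add rel="noopener noreferrer" so the opened page gets no window.opener handle and no Referer header from this page, which matters on a page that advertises the onion address. The other target="_blank" links in this hunk have the same gap. The surrounding `<h4><p class="indent">` lines also nest a paragraph inside a heading, which is not valid HTML; a class on the h4 itself would do.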
......@@ -78,12 +78,62 @@
target="_blank">results</a> from the IM Observatory.</p>
<p>Finally, this server has a special quirk. It forces
communication to be OTR encrypted thus cleartext message between
communication to be OTR encrypted, thus cleartext messages between
clients is impossible. With the help of
<a href="https://riseup.net" target="_blank">Riseup</a>, we have developed a
prosody <a href="https://github.com/dgoulet/prosody-otr" target="_blank">plugin</a> to
achieve mandatory OTR communication.
<h2 class="subtitle">Data Retention</h2>
<p>
This section details what data OTR.im can see and can not see
on this Jabber server.
<p>
First of all, this server is setup with
<a href="https://en.wikipedia.org/wiki/Disk_encryption">full disk encryption</a>
(FDE) so all that we store is only on an encrypted
disk. We use a
<a href="https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup">LUKS</a>
device for this. Secondly, logging is completely disabled on
the Jabber server, even error logs.
<p>
In case of a seizure, if the server is powered off, the FDE
will protect all data. If the server is kept online, see the
<i>What we can see?</i> section below.
<h3>What we CAN see?</h3>
<ul>
<li>Your username and <code>SHA1</code> hash of the
password are stored on the server.</li>
<li><a href="https://en.wikipedia.org/wiki/VCard">vCard</a>
if you supply one.</li>
<li>Your IP address. To avoid this, use our Tor hidden
service.</li>
<li>Offline messages.</li>
<ul>
<li>OTR body. (<strong>never</strong> plaintext)</li>
<li>Destination contact address.</li>
<li>Timestamp of the message.</li>
</ul>
<li>Your roster. For each contact:</li>
<ul>
<li>Jabber address (ex: <code>keith@jabber.boozallen.com</code>)</li>
<li>Name of the contact (if set)</li>
<li>Group (if any)</li>
</ul>
</ul>
<h3>What we DO NOT see?</h3>
<ul>
<li>Message content. Mandatory OTR makes it that we can't
read content.</li>
<li>No logs thus nothing our prosody server could usually
tell us.</li>
<li>We don't keep any timing metadata such as when you
connect or disconnect.</li>
</ul>
</div>
</div>
</div>
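Review bot: In the "What we DO NOT see?" list, "We don't keep any timing metadata" conflicts with the "Timestamp of the message" item listed under offline messages in "What we CAN see?"; narrow the claim to connect and disconnect times, or state that a timestamp exists only while a message is queued offline. The "SHA1 hash of the password" item should also say whether the hash is salted and iterated, since this section is about what a seizure of the running server would expose. On markup: none of the added `<p>` elements is closed, the paragraph ending "achieve mandatory OTR communication." now runs into the `<h2>` without a `</p>`, the nested `<ul>` lists sit directly inside the outer `<ul>` instead of inside their parent `<li>`, and the cross-reference reads "What we can see?" while the heading is "What we CAN see?". The new Wikipedia links also omit the target="_blank" used by the other links in the file; pick one convention.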
......